Re: [nznog] SPF Mail rejection
Jay and all,

just chiming in here.

In general I agree with you Jay. Still not having a SPF record properly specified should be 'One' check that should make folks suspicious yet not necessarily qualifying them as prolific spam originator. Just my 2 cents, FWIW.

Regards,

Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 300+k members/stakeholders and growing, strong!)
"Obedience of the law is the greatest freedom" - Abraham Lincoln
"Credit should go with the performance of duty and not with what is very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B; liability depends upon whether B is less than L multiplied by P: i.e., whether B is less than PL." United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1(a)ix.netcom.com
Phone: 214-244-4827

-----Original Message-----
From: Jay Daley
Sent: Jul 22, 2010 4:33 PM
To: nznog
Subject: Re: [nznog] SPF Mail rejection

On 22/07/2010, at 6:10 PM, SIMON WALKDEN wrote:
I've seen a lot of clients' outbound mail rejected in the last 12 months due to SPF issues; particularly mail being delivered to secureMX, or Xtra. The plan of attack was usually:
1. do they appear on any RBL's? (self explanatory, I know, just thought I'd list it)
2. does the HELO ID of their server match the MX record for the domain?
3. does the MX record (and HELO ID) contain the terms 'smtp' or 'mail'? (strange I know, but it's made a difference)
In what way does it make a difference?
4. does a PTR record exist for the mail server's FQDN?
5. does the domain have a valid SPF record?
If all these criteria are met, you really shouldn't have any problems passing go & collecting $200.
I would love to be able to use HELO/EHLO when deciding what to accept but my own testing shows far too many false positives. A few years ago and in another role I saw: http://blog.nominet.org.uk/tech/2005/08/06/incorrect-heloehlo-information-is... but I've seen similar problems recently when I last looked.
I suspect we need a "Strict HELO/EHLO Day" where enough of the world's sysadmins unite to put strict settings on what they accept to force those with crap in their HELO/EHLO to do something about it.
Jay
Love, Simon W
On 22 July 2010 17:22, Mark Wakefield wrote:
On 22/07/10 16:36, Regan Murphy wrote:
It appears that safegas.co.nz have their mail configured to come via hosts.net.nz, and their on-premise mail server is enforcing SPF which should break for anyone sending them email.
MX records for domain safegas.co.nz
Your 1 MX records are:
10 mta.hosts.net.nz ip=210.48.108.65
mail.safegas.co.nz is W3's server (rua.w3host.co.nz) so they're going to be the ones to sort it out.
W3 should also look at putting a firewall in front of that server...
Mark
_______________________________________________
NZNOG mailing list
NZNOG(a)list.waikato.ac.nz
http://list.waikato.ac.nz/mailman/listinfo/nznog
-- "Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum immane mittam."
-- Jay Daley Chief Executive .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 931 6977 mobile: +64 21 678840
In what way does it make a difference?
We have been told on two separate occasions when dealing with
yahoo/xtra's mail admins that this was necessary if they were going to
accept our client's mail. Yes, it's bullshit. Yes, it's against the
rules. But when our options were to either play xtra/yahoo's game, or
tell our client "tough luck, we're going to turn this issue into a
geek turf war", we chose the easy way out, as I'm sure most of you
would also do.
- Simon
-- "Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum immane mittam."
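
The safegas.co.nz failure described in this thread, where a server behind the hosts.net.nz MX relay enforces SPF itself, can be reproduced offline. This is an added example, not code from any poster; it evaluates only the ip4/ip6/all subset of SPF, the sender address and SPF record are constructed, and `inner_server_verdict` with its `trusted_relays` and `edge_result` parameters is a hypothetical helper.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208 names).
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_check(record, client_ip):
    """Evaluate the ip4/ip6/all subset of an SPF record against the connecting IP."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no usable SPF record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return RESULTS[qualifier]
        if name not in ("ip4", "ip6"):
            raise ValueError("mechanism needs DNS, outside this sketch: " + term)
        if ip in ipaddress.ip_network(arg, strict=False):
            return RESULTS[qualifier]
    return "neutral"                       # nothing matched, no "all" term

RELAY_IP = "210.48.108.65"                    # mta.hosts.net.nz, from the MX listing in the thread
SENDER_IP = "192.0.2.25"                      # constructed sender address (documentation range)
SENDER_SPF = "v=spf1 ip4:192.0.2.0/24 -all"   # constructed SPF record for that sender

def inner_server_verdict(peer_ip, record, trusted_relays, edge_result=None):
    """SPF decision on a server that sits behind its own MX relay.

    Assumption: the relay evaluates SPF at the edge and passes its result
    along (edge_result); the inner server only evaluates SPF itself for
    peers that are not one of its own relays.
    """
    if peer_ip in trusted_relays:
        return edge_result or "none"
    return spf_check(record, peer_ip)

if __name__ == "__main__":
    print("at the MX relay:      ", spf_check(SENDER_SPF, SENDER_IP))
    print("behind relay, naive:  ", spf_check(SENDER_SPF, RELAY_IP))
    print("behind relay, trusted:", inner_server_verdict(
        RELAY_IP, SENDER_SPF, {RELAY_IP}, spf_check(SENDER_SPF, SENDER_IP)))
```

The naive check fails every correctly published sender because the connecting peer is always the relay, which no sender lists in its SPF record.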